function file_delete($ids = array()) { global $file_base_path; $ids = $ids ? array_map('assert_int', $ids) : array(assert_int(ps('id'))); $fail = array(); $rs = safe_rows_start('id, filename', 'txp_file', 'id IN (' . join(',', $ids) . ')'); if ($rs) { while ($a = nextRow($rs)) { extract($a); $filepath = build_file_path($file_base_path, $filename); $rsd = safe_delete('txp_file', "id = {$id}"); $ul = false; if ($rsd && is_file($filepath)) { $ul = unlink($filepath); } if (!$rsd or !$ul) { $fail[] = $id; } } if ($fail) { file_list(messenger(gTxt('file_delete_failed'), join(', ', $fail), '')); } else { file_list(gTxt('file_deleted', array('{name}' => join(', ', $ids)))); } } else { file_list(messenger(gTxt('file_not_found'), join(', ', $ids), '')); } }
if (!in_array('size', $txpfile)) { safe_alter('txp_file', "add size bigint"); $update_files = 1; } if (!in_array('downloads', $txpfile)) { safe_alter('txp_file', "ADD downloads INT DEFAULT '0' NOT NULL"); } if (array_intersect(array('modified', 'created'), $txpfile)) { safe_alter('txp_file', "MODIFY modified datetime NOT NULL default '0000-00-00 00:00:00', MODIFY created datetime NOT NULL default '0000-00-00 00:00:00'"); } // copy existing file timestamps into the new database columns if ($update_files) { $prefs = get_prefs(); $rs = safe_rows('*', 'txp_file', '1=1'); foreach ($rs as $row) { $path = build_file_path(@$prefs['file_base_path'], @$row['filename']); if ($path and $stat = @stat($path)) { safe_update('txp_file', "created='" . strftime('%Y-%m-%d %H:%M:%S', $stat['ctime']) . "', modified='" . strftime('%Y-%m-%d %H:%M:%S', $stat['mtime']) . "', size='" . doSlash(sprintf('%u', $stat['size'])) . "'", "id='" . doSlash($row['id']) . "'"); } } } safe_update('textpattern', "Keywords=TRIM(BOTH ',' FROM REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(Keywords,'\n',','),'\r',','),'\t',','),' ',' '),' ',' '),' ',' '),' ,',','),', ',','),',,,,',','),',,',','),',,',','))", "Keywords != ''"); // shift preferences to more intuitive spots // give positions, leave enough room for later additions safe_update('txp_prefs', "position = 20", "name in(\n\t\t'sitename',\n\t\t'comments_on_default',\n\t\t'img_dir',\n\t\t'comments_require_name',\n\t\t'syndicate_body_or_excerpt',\n\t\t'title_no_widow'\n\t)"); safe_update('txp_prefs', "position = 40", "name in(\n\t\t'siteurl',\n\t\t'comments_default_invite',\n\t\t'file_base_path',\n\t\t'comments_require_email',\n\t\t'rss_how_many',\n\t\t'articles_use_excerpts'\n\t)"); safe_update('txp_prefs', "position = 60", "name in('\n\t\tsite_slogan',\n\t\t'comments_moderate',\n\t\t'never_display_email',\n\t\t'file_max_upload_size',\n\t\t'show_comment_count_in_feed',\n\t\t'allow_form_override'\n\t)"); safe_update('txp_prefs', "position = 80", "name in(\n\t\t'production_status',\n\t\t'comments_disabled_after',\n\t\t'tempdir',\n\t\t'comment_nofollow',\n\t\t'include_email_atom',\n\t\t'attach_titles_to_permalinks'\n\t)"); safe_update('txp_prefs', "position = 100", "name in(\n\t\t'gmtoffset',\n\t\t'comments_auto_append',\n\t\t'plugin_cache_dir',\n\t\t'permalink_title_format',\n\t\t'use_mail_on_feeds_id'\n\t)"); safe_update('txp_prefs', "position = 120", "name in(\n\t\t'is_dst',\n\t\t'comments_mode',\n\t\t'override_emailcharset'\n\t)"); safe_update('txp_prefs', "position = 120, event = 'publish'", "name = 'send_lastmod'");
function file_download_send($event, $step) { // just a quick transplant from publish.php, this could stand some refactoring global $pretext, $prefs; extract($prefs); extract($pretext); // we are dealing with a download # if (@$s == 'file_download') { $file_error = 0; $file = safe_row('*', 'txp_file', "id='" . doSlash($pretext['tail'][1]) . "' and status >= 4"); if (!$file) { $file_error = 404; } if (!$file_error) { extract($file); $fullpath = build_file_path($file_base_path, $filename); if (is_file($fullpath)) { // discard any error php messages ob_clean(); $filesize = filesize($fullpath); $sent = 0; header('Content-Description: File Download'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($filename) . '"; size = "' . $filesize . '"'); // Fix for lame IE 6 pdf bug on servers configured to send cache headers header('Cache-Control: private'); @ini_set("zlib.output_compression", "Off"); @set_time_limit(0); @ignore_user_abort(true); if ($file = fopen($fullpath, 'rb')) { while (!feof($file) and connection_status() == 0) { echo fread($file, 1024 * 64); $sent += 1024 * 64; ob_flush(); flush(); } fclose($file); // record download if (connection_status() == 0 and !connection_aborted()) { safe_update("txp_file", "downloads=downloads+1", "id='" . intval($id) . "'"); } else { $pretext['request_uri'] .= "#aborted-at-" . floor($sent * 100 / $filesize) . "%"; logit(); } } } else { $file_error = 404; } # } // deal with error if ($file_error) { switch ($file_error) { case 403: txp_die(gTxt('403_forbidden'), '403'); break; case 404: txp_die(gTxt('404_not_found'), '404'); break; default: txp_die(gTxt('500_internal_server_error'), '500'); break; } } // download done exit(0); } }
function file_delete($ids = array()) { global $file_base_path, $txp_user; $ids = $ids ? array_map('assert_int', $ids) : array(assert_int(ps('id'))); $message = ''; if (!has_privs('file.delete')) { if (has_privs('file.delete.own')) { $ids = safe_column('id', 'txp_file', 'id IN (' . join(',', $ids) . ') AND author=\'' . doSlash($txp_user) . '\''); } else { $ids = array(); } } if (!empty($ids)) { $fail = array(); $rs = safe_rows_start('id, filename', 'txp_file', 'id IN (' . join(',', $ids) . ')'); if ($rs) { while ($a = nextRow($rs)) { extract($a); $filepath = build_file_path($file_base_path, $filename); $rsd = safe_delete('txp_file', "id = {$id}"); $ul = false; if ($rsd && is_file($filepath)) { $ul = unlink($filepath); } if (!$rsd or !$ul) { $fail[] = $id; } } if ($fail) { $message = messenger(gTxt('file_delete_failed'), join(', ', $fail), ''); } else { update_lastmod(); $message = gTxt('file_deleted', array('{name}' => join(', ', $ids))); } } else { $message = messenger(gTxt('file_not_found'), join(', ', $ids), ''); } } file_list($message); }
function fileDownloadFetchInfo($where) { global $file_base_path; $result = array('id' => 0, 'filename' => '', 'category' => '', 'description' => '', 'downloads' => 0, 'size' => 0, 'created' => 0, 'modified' => 0); $rs = safe_row('*', 'txp_file', $where); if ($rs) { extract($rs); $result['id'] = $id; $result['filename'] = $filename; $result['category'] = $category; $result['description'] = $description; $result['downloads'] = $downloads; // get filesystem info $filepath = build_file_path($file_base_path, $filename); if (file_exists($filepath)) { $filesize = filesize($filepath); if ($filesize !== false) { $result['size'] = $filesize; } $created = filectime($filepath); if ($created !== false) { $result['created'] = $created; } $modified = filemtime($filepath); if ($modified !== false) { $result['modified'] = $modified; } } } return $result; }
function output_file_download($filename) { global $file_error, $file_base_path, $pretext; callback_event('file_download'); if (!isset($file_error)) { $filename = sanitizeForFile($filename); $fullpath = build_file_path($file_base_path, $filename); if (is_file($fullpath)) { // Discard any error PHP messages. ob_clean(); $filesize = filesize($fullpath); $sent = 0; header('Content-Description: File Download'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . $filename . '"; size = "' . $filesize . '"'); // Fix for IE6 PDF bug on servers configured to send cache headers. header('Cache-Control: private'); @ini_set("zlib.output_compression", "Off"); @set_time_limit(0); @ignore_user_abort(true); if ($file = fopen($fullpath, 'rb')) { while (!feof($file) and connection_status() == 0) { echo fread($file, 1024 * 64); $sent += 1024 * 64; ob_flush(); flush(); } fclose($file); // Record download. if (connection_status() == 0 and !connection_aborted()) { safe_update('txp_file', "downloads = downloads + 1", "id = " . intval($pretext['id'])); } else { $pretext['request_uri'] .= $sent >= $filesize ? '#aborted' : "#aborted-at-" . floor($sent * 100 / $filesize) . "%"; } log_hit('200'); } } else { $file_error = 404; } } // Deal with error. if (isset($file_error)) { switch ($file_error) { case 403: txp_die(gTxt('403_forbidden'), '403'); break; case 404: txp_die(gTxt('404_not_found'), '404'); break; default: txp_die(gTxt('500_internal_server_error'), '500'); break; } } }
function file_delete() { global $txpcfg, $file_base_path; extract($txpcfg); $id = ps('id'); $rs = safe_row("*", "txp_file", "id='{$id}'"); if ($rs) { extract($rs); $filepath = build_file_path($file_base_path, $filename); $rsd = safe_delete("txp_file", "id='{$id}'"); $ul = false; if ($rsd && is_file($filepath)) { $ul = unlink($filepath); } if ($rsd && $ul) { file_list(messenger(gTxt('file'), $filename, gTxt('deleted'))); return; } else { file_list(messenger(gTxt('file_delete_failed'), $filename, '')); } } else { file_list(messenger(gTxt('file_not_found'), $filename, '')); } }
callback_event('pretext_end'); extract($pretext); // Now that everything is initialized, we can crank down error reporting set_error_level($production_status); if (gps('parentid') && gps('submit')) { saveComment(); } elseif (gps('parentid') and $comments_mode == 1) { // popup comments? header("Content-type: text/html; charset=utf-8"); exit(popComments(gps('parentid'))); } // we are dealing with a download if (@$s == 'file_download') { callback_event('file_download'); if (!isset($file_error)) { $fullpath = build_file_path($file_base_path, $filename); if (is_file($fullpath)) { // discard any error php messages ob_clean(); $filesize = filesize($fullpath); $sent = 0; header('Content-Description: File Download'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($filename) . '"; size = "' . $filesize . '"'); // Fix for lame IE 6 pdf bug on servers configured to send cache headers header('Cache-Control: private'); @ini_set("zlib.output_compression", "Off"); @set_time_limit(0); @ignore_user_abort(true); if ($file = fopen($fullpath, 'rb')) { while (!feof($file) and connection_status() == 0) {
function file_delete($ids = array()) { global $file_base_path, $txp_user; $ids = $ids ? array_map('assert_int', $ids) : array(assert_int(ps('id'))); if (!has_privs('file.delete')) { if (has_privs('file.delete.own')) { $ids = safe_column('id', 'txp_file', 'id IN (' . join(',', $ids) . ') AND author=\'' . doSlash($txp_user) . '\''); } else { $ids = array(); } } if (!empty($ids)) { $fail = array(); $rs = safe_rows_start('id, filename', 'txp_file', 'id IN (' . join(',', $ids) . ')'); if ($rs) { while ($a = nextRow($rs)) { extract($a); $filepath = build_file_path($file_base_path, $filename); // Notify plugins of pending deletion, pass file's id and path. callback_event('file_deleted', '', false, $id, $filepath); $rsd = safe_delete('txp_file', "id = {$id}"); $ul = false; if ($rsd && is_file($filepath)) { $ul = unlink($filepath); } if (!$rsd or !$ul) { $fail[] = $id; } } if ($fail) { file_list(array(messenger(gTxt('file_delete_failed'), join(', ', $fail)), E_ERROR)); return; } else { update_lastmod('file_deleted', $ids); file_list(gTxt('file_deleted', array('{name}' => join(', ', $ids)))); return; } } else { file_list(array(messenger(gTxt('file_not_found'), join(', ', $ids), ''), E_ERROR)); return; } } file_list(); }
function file_download_format_info($file) { global $file_base_path; // get filesystem info $filepath = build_file_path($file_base_path, $file['filename']); if (file_exists($filepath)) { $filesize = filesize($filepath); if ($filesize !== false) { $file['size'] = $filesize; } $created = filectime($filepath); if ($created !== false) { $file['created'] = $created; } $modified = filemtime($filepath); if ($modified !== false) { $file['modified'] = $modified; } } return $file; }
function file_delete() { global $txpcfg, $file_base_path; extract($txpcfg); $id = assert_int(ps('id')); $rs = safe_row('*', 'txp_file', "id = {$id}"); if ($rs) { extract($rs); $filepath = build_file_path($file_base_path, $filename); $rsd = safe_delete('txp_file', "id = {$id}"); $ul = false; if ($rsd && is_file($filepath)) { $ul = unlink($filepath); } if ($rsd && $ul) { $message = gTxt('file_deleted', array('{name}' => $filename)); return file_list($message); } else { file_list(messenger(gTxt('file_delete_failed'), $filename, '')); } } else { file_list(messenger(gTxt('file_not_found'), $filename, '')); } }
if (!in_array('size', $txpfile)) { safe_alter('txp_file', "ADD size BIGINT"); } if (!in_array('downloads', $txpfile)) { safe_alter('txp_file', "ADD downloads INT DEFAULT '0' NOT NULL"); } $txpfile = getThings("DESCRIBE `" . PFX . "txp_file`"); // Copy existing file timestamps into the new database columns. if (array_intersect(array('modified', 'created', 'size'), $txpfile)) { $rs = safe_rows("*", 'txp_file', "1 = 1"); $dir = get_pref('file_base_path', dirname(txpath) . DS . 'files'); foreach ($rs as $row) { if (empty($row['filename'])) { continue; } $path = build_file_path($dir, $row['filename']); if ($path and $stat = @stat($path)) { safe_update('txp_file', "created = '" . strftime('%Y-%m-%d %H:%M:%S', $stat['ctime']) . "', modified = '" . strftime('%Y-%m-%d %H:%M:%S', $stat['mtime']) . "', size = '" . doSlash(sprintf('%u', $stat['size'])) . "'", "id = '" . doSlash($row['id']) . "'"); } } } safe_update('textpattern', "Keywords = TRIM(BOTH ',' FROM \n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(\n REPLACE(Keywords, '\n', ','),\n '\r', ','),\n '\t', ','),\n ' ', ' '),\n ' ', ' '),\n ' ', ' '),\n ' ,', ','),\n ', ', ','),\n ',,,,', ','),\n ',,', ','),\n ',,', ',')\n )", "Keywords != ''"); // Shift preferences to more intuitive spots. // Give positions, leave enough room for later additions. safe_update('txp_prefs', "position = 20", "name IN(\n 'sitename',\n 'comments_on_default',\n 'img_dir',\n 'comments_require_name',\n 'syndicate_body_or_excerpt',\n 'title_no_widow'\n)"); safe_update('txp_prefs', "position = 40", "name IN(\n 'siteurl',\n 'comments_default_invite',\n 'file_base_path',\n 'comments_require_email',\n 'rss_how_many',\n 'articles_use_excerpts'\n)"); safe_update('txp_prefs', "position = 60", "name IN(\n 'site_slogan',\n 'comments_moderate',\n 'never_display_email',\n 'file_max_upload_size',\n 'show_comment_count_in_feed',\n 'allow_form_override'\n)"); safe_update('txp_prefs', "position = 80", "name IN(\n 'production_status',\n 'comments_disabled_after',\n 'tempdir',\n 'comment_nofollow',\n 'include_email_atom',\n 'attach_titles_to_permalinks'\n)"); safe_update('txp_prefs', "position = 100", "name IN(\n 'gmtoffset',\n 'comments_auto_append',\n 'plugin_cache_dir',\n 'permalink_title_format',\n 'use_mail_on_feeds_id'\n)"); safe_update('txp_prefs', "position = 120", "name IN(\n 'is_dst',\n 'comments_mode',\n 'override_emailcharset'\n)"); safe_update('txp_prefs', "position = 120, event = 'publish'", "name = 'send_lastmod'");
function file_path($filename) { global $prefs; return build_file_path($prefs['file_base_path'], $filename); }